Skip to content
Home / Function (NIST CSF 2.0) / PR - Protect / DS - Data Security

US Gramm-Leach-Bliley Act (GLBA)

This document focuses on:

The GLBA is a federal law that mandates financial institutions to provide customers with clear explanations of their information-sharing practices while ensuring the protection of sensitive consumer data. The Act is divided into three primary sections: the Financial Privacy Rule, which governs the collection and disclosure of nonpublic personal information; the Safeguards Rule, which requires institutions to implement comprehensive information security programs; and the Pretexting provisions, which prohibit obtaining private information under false pretenses. From a cybersecurity perspective, the document is highly relevant to Data Privacy, Information Security Governance, and Access Control, as it requires administrative, technical, and physical safeguards to protect against unauthorized access and potential data breaches. Recent amendments have further emphasized Incident Response by introducing mandatory breach notification requirements for the Federal Trade Commission (FTC)


Publication's URL

https://www.ftc.gov/business-guidance/privacy-security/gramm-leach-bliley-act

Additional documents on this topic



How would you rate this document ?

Click on a star to rate it!

What do you think of this document?

Your email address will not be published. Required fields are marked *